Security

At SciNet, we rely on different controls to ensure the protection of our researchers’ data and SciNet systems. These controls are divided into three main categories: physical, technical and administrative controls.
A subset of these controls is listed below.

Physical controls

  • Access to our facilities is restricted and reviewed on a regular basis
  • Secured areas are monitored
  • 24/7 fire & security service is provided by a third party
  • Chiller and cooling tower maintain the ideal temperature and humidity in the datacenter
  • UPS and generator ensure uninterrupted power source

Technical controls

  • Network firewalls and intrusion prevention systems monitor suspicious activities
  • Patching of systems is prioritized based on a risk approach
  • Two-factor authentication is enforced for privileged users
  • Two-factor authentication is offered as optional to researchers
  • Backups of systems and researchers’ data are stored securely, in different locations and tested regularly
  • Encryption of data in-transit with approved algorithms is enforced to access our systems remotely

Administrative controls

  • Security awareness sessions are organized regularly with our staff members
  • Incident response plan is tested at least once a year

Please also note that SciNet complies with the University of Toronto standards and the policies of the Digital Research Alliance of Canada:
https://isea.utoronto.ca/information-security-standard/
https://www.alliancecan.ca/en/policies

Do you need more details? Feel free to reach out to us!